Managed Security Monitoring

By Mike Rothman

Nobody really argues any more about whether to perform security monitoring. Compliance mandates answered that question, and the fact is that without granular security monitoring and analytics you don’t have much chance to detect attacks. But there is an open question about the best way to monitor your environment, especially given the headwinds facing your security team.

Given the challenges of finding and retaining staff, the increasingly distributed nature of data and systems that need to be monitored, and the rapid march of technology, it’s worth considering whether a managed security monitoring service makes sense for your organization. Under the right circumstances a managed service presents an interesting alternative to racking and stacking another set of SIEM appliances.

This paper covers the drivers for managed security monitoring, the use cases where a service provider can offer the most value, and some guidance on how to actually select a service provider. It’s a comprehensive look at what it takes to select a security monitoring service.

We’d like to thank IBM Security, which licensed this content and enables us to provide it to you for, well, nothing. The paper was built using our Totally Transparent Research methodology, to make sure we are writing what needs to be written rather than what someone else wants us to say.

About

Securosis is an information security research and advisory firm dedicated to transparency, objectivity, and quality. We are totally obsessed with improving the practice of information security. Our job is to save you money and help you do your job better and faster by helping you cut through the noise and providing clear, actionable, pragmatic advice on securing your organization.